When there's a threat or breach, you'll be the first to know.
Healthcare attacks in 2020 involved the theft or exposure of the protected health information of at least 18,069,012 patients. For organizations in the Tech or Financial Services industry, this data could range from customer PII to private company financial records. There is no guarantee the data stolen won't be leaked on the dark web.
A release of private patient or customer data can erode trust in your business. It can lead to reputational damage, as well as open lawsuits from those who were affected by the attack. Paying the ransom may prevent the data from being released, however it is not guaranteed.
Backups can also be encrypted if they aren't properly secured. Some businesses choose to backup their data on the weekend, a time when ransomware threat actors favor carrying out their attacks, leading to a loss of data. You can find more tips on how to set up your backups here.
On average, ransomware attacks cause 15 business days of downtime. Because of the lack of business activity, victims of ransomware lose around $8,500 an hour.
Loss of business can happen after the attack as well, with patients or customers affected choosing to go with different brands for their needs. As an example, 49% of potential patients said they would change hospitals if their healthcare organization was hit by a ransomware attack. Handling the PR well after the attack is vital to maintain trust in your data security.
Ransom payments typically account for less than 20% of the total cost of a ransomware attack. Of that $5.66 million figure each year, just $790,000 accounts for ransom payments. Research shows businesses suffer most of their losses through lost productivity and the time-consuming task of containing and cleaning up after a ransomware attack.
Ransomware attacks need to be assessed for legitimacy. Once the threat has been confirmed, our team will attempt to identify the threat actor responsible and develop a negotiation and mitigation strategy based on their recent cyber attack history.
Threat actors may seem like faceless criminals – but they are human beings who need to be engaged in a special manner. Once their claims have been verified, our negotiators will begin to attempt to build trust and rapport for a positive outcome.
Novices are always at a disadvantage in negotiations with experienced professionals, and since most companies do not have access to experienced ransomware negotiators, threat actors usually have a decided advantage. GroupSense levels the playing field with experienced negotiators who can effectively reduce ransom demands and manage the cryptocurrency transaction once the negotiation is complete.
There are a number of activities which need to be carried out post-transaction to reduce the potential damage of the ransomware attack. These include monitoring the threat actor to prevent a repeat attack, obtaining access to any stolen data and communicating with all necessary parties about the attack, such as insurance companies or public relations firms.